If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

I was under the impression that you could disable ICS without shutting off your firewall. They are the same service, but you can uncheck "share this connection" or whatever and still have your firewall active.

I don't see a need to disable ICS at all. The chances are very low that someone on your INTERNAL network is going to attack the internet gateway. If so, you deserve it. Who would use a windows box with ICS or the ICF as their gateway/firewall anyway?! At LEAST use some third party software if you're going to do this. Something that will actually give you a little bit of control over your gateway.

Hardware routers/firewalls are a dime a dozen today and use far less energy than a full blown PC that has to be left on all the time.

Last edited by phishphreek; October 31st, 2006 at 05:10 PM.

Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

I was under the impression that you could disable ICS without shutting off your firewall. They are the same service, but you can uncheck "share this connection" or whatever and still have your firewall active.

I don't see a need to disable ICS at all. The chances are very low that someone on your INTERNAL network is going to attack the internet gateway. If so, you deserve it. Who would use a windows box as their gateway/firewall anyway?!

Hardware routers/firewalls are a dime a dozen today and use far less energy than a full blown PC that has to be left on all the time.

There are a few of these... I'm actually working through a rebuttal right now.. and yes you are correct, There is the parent service that is the same and it has two child services that can be enabled / disabled independantly...

And yes it is a low risk threat... but still a threat... The idea of a router is great... That would be what you'd do if you disabled ICS (i thought it was implied) when I said to disable that means of sharing the connection...

The risk isn't huge, but it does exist... My intention was to inform people of the risk... that was all... I will link my rebuttal post that has the explanation of why my options are perfectly valid once it is posted.

HT.

IT Blog: .:Computer Defense:.PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

edited:
And yes it is a low risk threat... but still a threat... The idea of a router is great... That would be what you'd do if you disabled ICS (i thought it was implied) when I said to disable that means of sharing the connection...
edited:
HT.

Not necessarily. If you're going to use a dedicated box... please trust something that isn't based on m$. I've can't recall a "security" product from them that I would personally trust. If you can't afford a dedicated hardware router/firewall, there are alternatives.

I've used it a couple of times now. Easy for any n00b to setup. Actually, easier than installing m$ with ICS and you can actually manage it! Plus, you might actually learn something about security! IDS/DNS/DHCP/Proxy/Firewall/VPN/Dynamic DNS/etc. all for the low cost of $0. Of course, I'm assuming you're going to install it on the box you were using ICS for. Well, ok, maybe $5 for a second nic... but still.

Not to mention, there are a sh17 load of plugins depending on your needs.

Either way. Nice handling of the situation. Some people jump the gun without understanding security or the inner working of the services they are reporting on. That guy george was completely clueless. I didn't pay much attention to this whole thing and I saw his blog post as what it was... BS.

The only thing I don't agree with, as you can see, is people using m$ as their freaking firewall/router. Stupid stupid stupid.

Last edited by phishphreek; November 1st, 2006 at 03:48 AM.

Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

The only thing I don't agree with, as you can see, is people using m$ as their freaking firewall/router. Stupid stupid stupid.

It's not something that I condone either... then again I don't always condone the MS Firewall... but people do it... for better or worse they do it...

Great Example:

You go away to college/university... You've got a desktop and a laptop to take to class... Only 1 network jack in your dorm though... Network Policy says no Routers/Switches/Hubs... What do you do... Spoof the MAC Address so it doesn't look like linksys... then what if they do OS detection with nmap and determine what it is...(Not that you know any of this) you just know if they catch you with a router you lose your internet.. So you plug in your desktop.. pay the geek down the hall 20 bucks to setup ICS and away you go plugging your laptop into your desktop... (I saw this scenerio when I was working at the college)... Not that routers were checked for with those active measures... but a lot of students had ICS... many also had it because their parents had a computer and they bought theres.. when they go home for 4 months in the summer they share the connection... There are plenty of scenerios that geeks don't consider...

So take that same student... they pay to have it setup... the geek also gives them a User account to run with instead of Administrator (much more common in the colleges than you'd think.. .consider I thought I'd see 0%)... So you download malware... you have ics sharing with your laptop... the malware can't spread because of our firewall.. but if it uses this malformed DNS packet it can kill the firewall and spread away...

I'm not saying these are common or likely... but I have seen them.. and they do exist... Full Disclosure and informing the community means taking into account everyone.. even the lowest common denominator...

Just because I don't like Fords and I don't think many people drive escorts these days... should I not inform people that their Escort will explode if they drive for 10KM at under 25KM/hour...

Not arguing (since there's nothing to argue in this thread) just pointing out some ideas and thoughts on it..

IT Blog: .:Computer Defense:.PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".